ef4aebeb71bf123422685dc0da0c95224b089e87371ed7b64c2c116c61b3c331

General

Target

ef4aebeb71bf123422685dc0da0c95224b089e87371ed7b64c2c116c61b3c331
Size

16.7MB
MD5

8668055050eff74dea00fe7c33ee0f16
SHA1

8bedc0ca433b97bc14702ef1a391718f79659e29
SHA256

ef4aebeb71bf123422685dc0da0c95224b089e87371ed7b64c2c116c61b3c331
SHA512

6881d0a60b8a58421e76c4324143a21ff156f65eb604a5e15dd1580cc33ae3bd8e8bfc0150fa5cb26fbe2ae25af3b688f24b52db13dc4907d049b0e19973acea
SSDEEP

393216:YnOVNBmBmHIE16Ed5WsBrJeDfxXmuNts8ktG1HKf3z6F5:YOV/0mH58Ed5WSJ+xXmD86Qi3za

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

ef4aebeb71bf123422685dc0da0c95224b089e87371ed7b64c2c116c61b3c331
.apk android arch:arm

com.mafia.mota

.mota

Activities

.mota

android.intent.action.MAIN
com.sina.weibo.sdk.action.ACTION_SDK_REQ_ACTIVITY

Permissions

android.permission.INTERNET
android.permission.GET_TASKS
android.permission.READ_PHONE_STATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_WIFI_STATE
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.RECEIVE_BOOT_COMPLETED

Receivers

com.mafia.mota.BootBroadcast

android.intent.action.BOOT_COMPLETED

com.mafia.mota.Alarmreceiver

com.mafia.mota.Alarmreceiver

Services
alipay_msp.apk
.apk android arch:arm

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

android.intent.action.MAIN

.activity.Alerter

android.intent.action.MAIN

.activity.Welcome

android.intent.action.MAIN

.activity.Updater

android.intent.action.MAIN

.activity.PageForBrowser

android.intent.action.VIEW

.activity.CertBiz

android.intent.action.MAIN

.activity.MessageActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.SEND_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_USER_PRESENT
android.permission.VIBRATE
android.permission.CHANGE_NETWORK_STATE
com.alipay.notify.permission.PUSHSERVICE
com.alipay.android.permission.BOOT_COMPLETED
com.alipay.android.app.gphone.SHARE

Receivers

com.alipay.notify.BroadcastActionReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
android.intent.action.PACKAGE_ADDED

Services

.AlixService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

com.alipay.notify.push.NotificationService

com.alipay.notify.push.NotificationService

com.alipay.notify.poll.config.ConfigService

com.alipay.notify.poll.config.ConfigService

Android Permissions

ef4aebeb71bf123422685dc0da0c95224b089e87371ed7b64c2c116c61b3c331

Permissions

android.permission.INTERNET

android.permission.GET_TASKS

android.permission.READ_PHONE_STATE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.ACCESS_NETWORK_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_WIFI_STATE

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.RECEIVE_BOOT_COMPLETED

Sharing

General

Malware Config

Signatures

Files

com.mafia.mota

.mota

Activities

.mota

Permissions

Receivers

com.mafia.mota.BootBroadcast

com.mafia.mota.Alarmreceiver

Services

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

.activity.Alerter

.activity.Welcome

.activity.Updater

.activity.PageForBrowser

.activity.CertBiz

.activity.MessageActivity

Permissions

Receivers

com.alipay.notify.BroadcastActionReceiver

Services

.AlixService

com.alipay.notify.push.NotificationService

com.alipay.notify.poll.config.ConfigService

Android Permissions

ef4aebeb71bf123422685dc0da0c95224b089e87371ed7b64c2c116c61b3c331